S3 Ep117: The crypto crisis that wasn’t (and farewell forever to Win 7) [Audio + Text]

Credit to Author: Paul Ducklin| Date: Thu, 12 Jan 2023 17:59:15 +0000

THE CRYPTO CRISIS THAT WASN’T

Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud.

With Doug Aamoth and Paul Ducklin

Intro and outro music by Edith Mudge.

You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS feed into your favourite podcatcher.


READ THE TRANSCRIPT


DOUG.  Call centre busts, cracking cryptography, and patches galore.

All that more on the Naked Security podcast.

[MUSICAL MODEM]

Welcome to the podcast, everybody – thank you for listening!

My name is Doug Aamoth; he is Paul Ducklin.

Paul, how do you do?


DUCK.  Very well, Douglas.


DOUG.  All right.

We like start the show with a This Week in Tech History segment, and I have a twofer for you today – two things that went live this week.

One in 1863 and one in 2009.

Both exciting, one perhaps less controversial than the other.

We’re talking, of course, about the first stretch of the London Underground going into service in 1863, the first underground system of its kind.

And then we’ve got the Bitcoin floodgates opening in 2009, the first decentralised cryptocurrency of its kind.

Although we should pencil in an asterisk, because Bitcoin followed in the footsteps of such digital currencies as eCash and DigiCash in the 1980s and 1990s.


DUCK.  Yes, the latter was a rather different sort of “underground movement” to the first, wasn’t it?


DOUG.  [LAUGHS] Exactly, yes!


DUCK.  But you’re right… 160 years of the London Underground!


DOUG.  That’s amazing.

Let us talk about this…


DUCK.  [LAUGHS] You skipped the need to talk about Bitcoin/Controversy


DOUG.  Oh!


DUCK.  Let’s leave our listeners to ponder that one for themselves, Doug, because I think everyone has to have their own opinion about where Bitcoin led us… [LAUGHS]


DOUG.  And their own story.

I had a chance to buy it at $30 a coin and thought that was way too expensive.


DUCK.  Yes, Doug, but if you’d bought at $30, you would have sold at $60 and gone around patting yourself on the back and bragging to everybody.


DOUG.  Oh, not even $60!


DUCK.  Yes, exactly…


DOUG.  I’d have sold at $40. [LAUGHS]

And sticking with the subject of regret, there was a fake call centre in Ukraine that got busted:

Inside a scammers’ lair: Ukraine busts 40 in fake bank call-centre raid

This call centre looks nicer inside than some of the startups I’ve worked at.

So that’s something – this is a full infrastructure here.

What happened with this story, Paul?


DUCK.  Like you say, it looks like a nice little startup, but strangely, when you look at the photos provided by the Ukraine cyberpolice, no one seemed to have turned up for work that day.

And it wasn’t that they went during the vacation. [LAUGHTER]

It was that all the people – and there were, I think, three founders and 37 staff, so this was a biggish boutique business…

…they were all in the next room getting arrested, Doug.

Because although it was a call centre, their primary goal was preying on victims in another country.

In fact, in this case, they were specifically targeting victims in Kazakhstan with banking scams.

Basically, where they call up and they’re talking to you using the same sort of language that the bank would, following a carefully planned script that convinces the person, or convinces sufficiently many of the people they’re calling.

Remember, they’ve got a long list, so they can deal with lots of hang-ups, but eventually they’ll convince someone that they really are talking to the bank.

And once the other end believes that they really are talking to the bank, then…

Everyone says, “Oh, they should have realised it was a scam; they should have known when they were asked to transfer the funds, when they were asked to read out 2FA codes, when they were asked to hand over passwords, when they were asked to disclose details about the account.”

But it’s easy to say that with hindsight…


DOUG.  And I think we’ve talked about this on prior shows – when people ask, “How could someone fall for this?”

Well, they make hundreds and hundreds of calls, but they only need to trick one person. (In this case, it looks like they defrauded about 18,000 people!)

So you don’t need a super-high hit rate based on your calls.

That’s what makes these so dangerous… once you get a victim on the line, and you get access to their bank account, you just start sucking the money right out.


DUCK.  Once someone genuinely believes that they *are* talking to the bank, and they’ve got a call centre person who’s “really” (apparently!) trying to help them – probably giving them better service, support, time, and compassion than any call centre they’ve called themselves lately…

Once the person has crossed that bridge, you can see why they might get drawn in.

And, of course, as soon as the crooks had enough personally identifiable information to fleece the person, they’d jump in and start sucking money out of their account, and moving it to other accounts they controlled…

…so they could then move it on immediately, out of the regular banking system, shoving it into cryptocurrencies.

And that was what they did, day in, day out.

I don’t have much compassion for people who don’t have much compassion for the victims of these scams, to be honest, Doug.

I think a lot of techies sometimes look down their noses: “How could a person fall for this phishing scam? It’s full of mistakes, it’s full of spelling errors, it’s badly punctuated, it’s got a weird URL in it.”

You know, life’s like that!

I can see why people do fall for this – it’s not difficult for a good social engineer to talk to someone in a way that it sounds like they’re confirming security details, or that they’re going to say to you, “Let me just check with you that this really is your address”…

..but then, instead of *them* reading out your address, they’ll somehow wangle the conversation so *you* blurt it out first.

And then, “Oh, yes!” – they’ll just agree with you.

It’s surprisingly easy for someone who’s done this before, and who’s practised being a scammer, to lead the conversation in a way that makes you feel that it’s legitimate when it absolutely isn’t.

Like I said, I don’t think you should point any fingers or be judgmental about people who fall for this.

And in this case, 18,000 people went for… I think, an average of thousands of dollars each.

That’s a lot of money, a lot of turnover, for a medium sized business of 40 people, isn’t it, Doug?


DOUG.  [WRY] That’s not too shabby… other than the illegality of it all.

We do have some advice in the article, much of which we’ve said before.

Certain things like…

Not believing anyone who contacts you out of the blue and says that they’re helping you with an investigation.

Don’t trust the contact details given to you by someone on the other end of the phone….


DUCK.  Exactly.


DOUG.  We’ve talked about Caller ID, how that can’t be trusted:

Voice-scamming site “iSpoof” seized, 100s arrested in massive crackdown

Don’t be talked into to handing over your personal data in order to prove your identity – the onus should be on them.

And then, of course, don’t transfer funds to other accounts.


DUCK.  Yes!

Of course, we all need to do that at times – that’s the benefit of electronic banking, particularly if you live in a far-flung region where your bank has closed branches, so you can’t go in anymore.

And you do sometimes need to add new recipients, and to go through the whole process with passwords, and 2FA, and authentication, everything to say, “Yes, I do want to pay money to this person that I’ve never dealt with before.”

You are allowed to do that, but treat adding a new recipient with the extreme caution it deserves.

And if you don’t actually know the person, then tread very carefully indeed!


DOUG.  And the last bit of advice…

Instead of saying, “How could people fall for this?” – because *you* will not fall for this, look out for friends and family who may be vulnerable.


DUCK.  Absolutely.

Make sure that your friends and family know, if they have the slightest doubt, that they should Stop – Think – and and Connect *with you first*, and ask for your assistance.

Never be pressurised by fear, or cajoling, or wheedling, or anything that comes from the other end.


DOUG.  Fear – cajoling – wheedling!

And we move on to a classic kerfuffle concerning RSA and the technology media…

…and trying to figure out whether RSA can be cracked:

RSA crypto cracked? Or perhaps not!


DUCK.  Yes, this was a fascinating paper.

I think there are 20-something co-authors, all of whom are listed as primary authors, main authors, on the paper.

It came out of China, and it basically goes like this…

“Hey, guys, you know that there are these things called quantum computers?

And in theory, if you have a super-powerful quantum computer with a million qubits (that’s a quantum binary storage unit, the equivalent of a bit, but for a quantum computer)… if you have a computer with a million qubits, then, in theory, you could probably crack encryption systems like the venerable RSA (Rivest – Shamir – Adleman).

However, the biggest quantum computer yet built, after years and years of trying, has just over 400 qubits. So we’re a long way short of having a powerful enough quantum computer to get this amazing speed-up that lets us crack things that we previously thought uncrackable.

However, we think we’ve come up with a way of optimising the algorithm so that you actually only need a few hundred qubits. And maybe, just maybe, we have therefore paved the way to cracking RSA-2048.”

2048 is the number of bits in the prime product that you use for RSA.

If you can take that product of two 1024- bit prime numbers, big prime numbers…

…*if* you can take that 2048-bit number and factorise it, divide it back into the two numbers that were multiplied together, you can crack the system.

And the theory is that, with conventional computers, it’s just not possible.

Not even a super-rich government could build enough computers that were powerful enough to do that work of factorising the number.

But, as I say, with this super-powerful quantum computer, which no one’s near building yet, maybe you could do it.

And what these authors were claiming is, “Actually we found a shortcut.”


DOUG.  Do they detail the shortcut in the paper, or are they just saying, “Here’s a theory”?


DUCK.  Well, the paper is 32 pages, and half of it is appendix, which has an even higher “squiggle factor” than the rest of the paper.

So yes, they’ve got this *description*, but the problem is they didn’t actually do it.

They just said, “Hypothetically, you might be able to do this; you may be able to do the other. And we did a simulation using a really stripped-down problem”… I think, with just a few simulated qubits.

They didn’t try it on a real quantum computer, and they didn’t show that it actually works.

And the only problem that they actually solved in “proving how quickly” (airquotes!) they could do it is a factorising problem that my own very-many-year-old laptop can solve anyway in about 200 milliseconds on a single core, using a completely unoptimised, conventional algorithm.

So the consensus seems to be… [PAUSE] “It’s a nice theory.”

However, we did speak – I think, in the last podcast – about cryptographic agility.

If you are in the United States, Congress says *in a law* that you need cryptographic agility:

US passes the Quantum Computing Cybersecurity Preparedness Act – and why not?

We collectively need it, so that if we do have a cryptographic algorithm which is found wanting, we can switch soon, quickly, easily…

…and, better yet, we can swap even in advance of the final crack being figured out.

And that specifically applies because of the fear of how powerful quantum computers might be for some kinds of cryptographic cracking problems.

But it also applies to *any* issue where we’re using an encryption system or an online security protocol that we suddenly realise, “Uh-oh, it doesn’t work like we thought – we can’t carry on using the old one because the bottom fell out of that bucket.”

We need to be not worrying about how we’re going to patch said bucket for the next ten years!

We need to be able to chuck out the old, bring in the new, and bring everyone with us.

That’s the lesson to learn from this.

So, RSA *doesn’t* seem to have been cracked!

There’s an interesting theoretical paper, if you have the very specialised mathematics to wade through it, but the consensus of other cryptographic experts seems to be along the lines of: “Nothing to see here yet.”


DOUG.  And of course, the idea is that if and when this does become crackable, we’ll have a better system in place anyway, so it won’t matter because we’re cryptographically agile.


DUCK.  Indeed.


DOUG.  Last but not least, let us talk about the most recent Patch Tuesday.

We’ve got one zero-day, but perhaps even bigger than that, we say, “Thanks for the memories, Windows 7 and Windows 8.1, we hardly knew ye.”

Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches


DUCK.  Well, I don’t know about “hardly”, Doug. [LAUGHTER]

Some of us liked one of you a lot, so much they didn’t want to give it up…

..and a lot of you, apparently, didn’t like the other *at all*.


DOUG.  Yes, kind of an awkward going-away party! [LAUGHS]


DUCK.  So much so that there never was a Windows 9, if you remember.

Somehow, a drained canal was placed between Windows 8.1 and Windows 10.

So, let’s not go into the details of all the patches – there are absolutely loads of them.

There’s one zero-day, which I think is an elevation of privilege, and that applies right from Windows 8.1 all the way to Windows 11 2022H2, the most recent release.

So that’s a big reminder that even if crooks are looking for vulnerabilities in the latest version of Windows, because that’s what most people are using, often those vulnerabilities turn out to be “retrofittable” back a long way.

In fact, I think Windows 7 had 42 CVE-numbered bugs patched; Windows 8.1 had 48.

And I think, as a whole, in all of the Windows products, there were 90 CVEs listed on their website, and 98 CVE-numbered bugs patched altogether, suggesting that about half of the bugs that were actually fixed (they all have CVE-2023- numbers, so they’re all recently discovered bugs)…

…about 50% of them go way back, if you want to go back that far.

So, for the details of all the fixes, go to news.sophos.com, where SophosLabs has published a more detailed analysis of Patch Tuesday.

January 2023 patch roundup: Microsoft tees up 98 updates


DUCK.  On Naked Security, the real thing we wanted to remind you about is…

…if you still have Windows 7, or you’re one of those people who still has Windows 8.1 (because somebody must have liked it), *you aren’t going to get any more security updates ever*.

Windows 7 had three years of “You can pay a whole lot of extra money and get extended security updates” – the ESU programme, as they call it.

But Windows 8.1? [LAUGHS]

The thing that gives credibility to that argument that they wanted to leave a dry ditch called Windows 9 between 8.1 and 10 is that Microsoft is now announcing:

“This extended support thing that we do, where we’ll happily take money off you for up to three years for products that are really ancient?

We’re not going to do that with Windows 8.1.”

So, at the same time as Windows 7 sails into the sunset, so does Windows 8.1.

So… if you don’t want to move on for your own sake, please do it for mine, and for Doug’s [LAUGHTER], and for everybody else’s.

Because you are not going to get any more security fixes, so there will just be more and more unpatched holes as time goes on.


DOUG.  All right!

We do have a comment on this article that we’d like to spotlight.

It does have to do with the missing Windows 9.

Naked Security reader Damon writes:

“My recollection of the reason there was no Windows 9 was to avoid poorly written version-checking code erroneously concluding that something reporting ‘Windows 9’ was Windows 95 or Windows 98.

That’s what I read at the time, anyway – I don’t know the veracity of the claim.”

Now, I had heard the same thing you did, Paul, that this was more of a marketing thing to add a little distance…


DUCK.  The “firebreak”, yes! [LAUGHS]

I don’t think we’ll ever know.

I’ve seen, and even reported in the article, on several of these stories.

One, as you say, it was the firebreak: if we just skip Windows 9 and we go straight to Windows 10, it’ll feel like we’ve distanced ourselves from the past.

I heard the story that they wanted a fresh start, and that the number wasn’t going to be a number anymore.

They wanted to break the sequence deliberately, so the product would just be called “Windows Ten”, and then it would get sub-versions.

The problem is that that story is kind of undermined by the fact that there’s now Windows 11! [LAUGHTER]

And the other problem with the “Oh, it’s because they might hear Windows 9 and think it’s Windows 95 when they’re doing version checking” is…

My recollection is that actually when you used the now-deprecated Windows function GetVersion() to find out the version number, it didn’t tell you “Windows Vista” or “Windows XP”.

It actually gave you a major version DOT minor version.

And amazingly, if I’m remembering correctly, Vista was Windows 6.0.

Windows 7, get this, was Windows 6.1… so there’s already plenty of room for confusion long before “Windows 9” was coming along.


DOUG.  Sure!


DUCK.  Windows 8 was “indows 6.2.

Windows 8.1 was essentially Windows 6.3.

But because Microsoft said, “No, we’re not using this GetVersion() command any more”, until this day (I put some code in the article – I tried it on the Windows 11 2022H2 release)…

  unsigned int GetVersion(void);  int printf(const char* fmt,...);     int main(void) {     unsigned int ver = GetVersion();        printf("GetVersion() returned %08X:n",ver);     printf("%u.%u (Build %u)n",ver&255,(ver>>8)&255,(ver>>16)&65535);        return 0;  }  

…to this day, unless you have a specially packaged, designed-for-a-particular-version-of-Windows executable installation, if you just take a plain EXE and run it, it will tell you to this day that you’ve got Windows 6.2 (which is really Windows 8):

  GetVersion() returned 23F00206:  6.2 (Build 9200)  

And, from memory, the Windows 9x series, which was Windows 95, Windows 98, and of course Windows Me, was actually version 4-dot-something.

So I’m not sure I buy this “Windows 9… version confusion” story.

Firstly, we would already have had that confusion when Windows Me came out, because it didn’t start with a “9”, yet it was from that series.

So products would already have had to fix that problem.

And secondly, even Windows 8 didn’t identify itself as “8” – it was still major version 6.

So I don’t know what to believe, Doug.

I’m sticking to the “drained and uncrossable emergency separation canal theory” myself!


DOUG.  All right, we’ll stick with that for now.

Thank you very much, Damon, for sending that in.

If you have an interesting story, comment, or question you’d like to submit, we’d love to read it on the podcast.

You can email tips@sophos.com, you can comment on any one of our articles, or you can hit us up on social: @NakedSecurity.

That’s our show for today; thanks very much for listening.

For Paul Ducklin, I’m Doug Aamoth, reminding you, until next time, to…


BOTH.  Stay Secure!

[MUSICAL MODEM]


http://feeds.feedburner.com/NakedSecurity

Leave a Reply